Announcing the Release of Visual Studio 2013 and Great Improvements to ASP.NET and Entity Framework

Today we released VS 2013 and .NET 4.5.1. These releases include a ton of great improvements, and include some fantastic enhancements to ASP.NET and the Entity Framework. You can download and start using them now.

Below are details on a few of the great ASP.NET, Web Development, and Entity Framework improvements you can take advantage of with this release. Please visit http://www.asp.net/vnext for additional release notes, documentation, and tutorials.

One ASP.NET

With the release of Visual Studio 2013, we have taken a step towards unifying the experience of using the different ASP.NET sub-frameworks (Web Forms, MVC, Web API, SignalR, etc), and you can now easily mix and match the different ASP.NET technologies you want to use within a single application.

When you do a File-New Project with VS 2013 you’ll now see a single ASP.NET Project option:

Selecting this project will bring up an additional dialog that allows you to start with a base project template, and then optionally add/remove the technologies you want to use in it.

For example, you could start with a Web Forms template and add Web API or Web Forms support for it, or create a MVC project and also enable Web Forms pages within it:

This makes it easy for you to use any ASP.NET technology you want within your apps, and take advantage of any feature across the entire ASP.NET technology span.

Richer Authentication Support

The new “One ASP.NET” project dialog also includes a new Change Authentication button that, when pushed, enables you to easily change the authentication approach used by your applications – and makes it much easier to build secure applications that enable SSO from a variety of identity providers.

For example, when you start with the ASP.NET Web Forms or MVC templates you can easily add any of the following authentication options to the application:

The Windows Azure Active Directory support is particularly cool. Last month we updated Windows Azure Active Directory so that developers can now easily create any number of Directories using it (for free and deployed within seconds). It now takes only a few moments to enable single-sign-on support within your ASP.NET applications against these Windows Azure Active Directories. Simply choose the “Organizational Accounts” radio button within the Change Authentication dialog and enter the name of your Windows Azure Active Directory to do this:

This will automatically configure your ASP.NET application to use Windows Azure Active Directory and register the application with it. Now when you run the app your users can easily and securely sign-in using their Active Directory credentials within it – regardless of where the application is hosted on the Internet.

Responsive Project Templates with Bootstrap

The new default project templates for ASP.NET Web Forms, MVC, Web API and SPA are built using Bootstrap. Bootstrap is an open source CSS framework that helps you build responsive websites which look great on different form factors such as mobile phones, tables and desktops. For example in a browser window the home page created by the MVC template looks like the following:

When you resize the browser to a narrow window to see how it would like on a phone, you can notice how the contents gracefully wrap around and the horizontal top menu turns into an icon:

When you click the menu-icon above it expands into a vertical menu – which enables a good navigation experience for small screen real-estate devices:

We think Bootstrap will enable developers to build web applications that work even better on phones, tablets and other mobile devices – and enable you to easily build applications that can leverage the rich ecosystem of Bootstrap CSS templates already out there. You can learn more about Bootstrap here.

Visual Studio Web Tooling Improvements

Visual Studio 2013 includes a new, much richer, HTML editor for Razor files and HTML files in web applications. The new HTML editor provides a single unified schema based on HTML5. It has automatic brace completion, jQuery UI and AngularJS attribute IntelliSense, attribute IntelliSense Grouping, and other great improvements.

For example, typing “ng-“ on an HTML element will show the intellisense for AngularJS:

This support for AngularJS, Knockout.js, Handlebars and other SPA technologies in this release of ASP.NET and VS 2013 makes it even easier to build rich client web applications:

The screen shot below demonstrates how the HTML editor can also now inspect your page at design-time to determine all of the CSS classes that are available. In this case, the auto-completion list contains classes from Bootstrap’s CSS file. No more guessing at which Bootstrap element names you need to use:

Visual Studio 2013 also comes with built-in support for both CoffeeScript and LESS editing support. The LESS editor comes with all the cool features from the CSS editor and has specific Intellisense for variables and mixins across all the LESS documents in the @import chain.

Browser Link – SignalR channel between browser and Visual Studio

The new Browser Link feature in VS 2013 lets you run your app within multiple browsers on your dev machine, connect them to Visual Studio, and simultaneously refresh all of them just by clicking a button in the toolbar. You can connect multiple browsers (including IE, FireFox, Chrome) to your development site, including mobile emulators, and click refresh to refresh all the browsers all at the same time. This makes it much easier to easily develop/test against multiple browsers in parallel.

You will see us take advantage of this support even more to enable really cool scenarios going forward.

ASP.NET Scaffolding

ASP.NET Scaffolding is a new code generation framework for ASP.NET Web applications. It makes it easy to add boilerplate code to your project that interacts with a data model. In previous versions of Visual Studio, scaffolding was limited to ASP.NET MVC projects. With Visual Studio 2013, you can now use scaffolding for any ASP.NET project, including Web Forms.

When using scaffolding, we ensure that all required dependencies are automatically installed for you in the project. For example, if you start with an ASP.NET Web Forms project and then use scaffolding to add a Web API Controller, the required NuGet packages and references to enable Web API are added to your project automatically. To do this, just choose the Add->New Scaffold Item context menu:

Support for scaffolding async controllers uses the new async features from Entity Framework 6.

ASP.NET Identity

ASP.NET Identity is a new membership system for ASP.NET applications that we are introducing with this release.

ASP.NET Identity makes it easy to integrate user-specific profile data with application data. ASP.NET Identity also allows you to choose the persistence model for user profiles in your application. You can store the data in a SQL Server database or another data store, including NoSQL data stores such as Windows Azure Storage Tables. ASP.NET Identity also supports Claims-based authentication, where the user’s identity is represented as a set of claims from a trusted issuer.

Users can login by creating an account on the website using username and password, or they can login using social identity providers (such as Microsoft Account, Twitter, Facebook, Google) or using organizational accounts through Windows Azure Active Directory or Active Directory Federation Services (ADFS).

ASP.NET Web API 2

ASP.NET Web API 2 has a bunch of great improvements including:

Attribute routing

ASP.NET Web API now supports attribute routing, thanks to a contribution by Tim McCall, the author of http://attributerouting.net. With attribute routing you can specify your Web API routes by annotating your actions and controllers like this:

OAuth 2.0 support

The Web API and Single Page Application project templates now support authorization using OAuth 2.0. OAuth 2.0 is a framework for authorizing client access to protected resources. It works for a variety of clients including browsers and mobile devices.

OData Improvements

ASP.NET Web API also now provides support for OData endpoints and enables support for both ATOM and JSON-light formats. With OData you get support for rich query semantics, paging, $metadata, CRUD operations, and custom actions over any data source. Below are some of the specific enhancements in ASP.NET Web API 2 OData.

Support for $select, $expand, $batch, and $value

Improved extensibility

Type-less support

Reuse an existing model

OWIN Integration

ASP.NET Web API now fully supports OWIN and can be run on any OWIN capable host. With OWIN integration, you can self-host Web API in your own process alongside other OWIN middleware, such as SignalR.

ASP.NET SignalR 2

ASP.NET SignalR is library for ASP.NET developers that dramatically simplifies the process of adding real-time web functionality to your applications.

Real-time web functionality is the ability to have server-side code push content to connected clients instantly as it becomes available. SignalR 2.0 introduces a ton of great improvements. We’ve added support for Cross-Origin Resource Sharing (CORS) to SignalR 2.0. iOS and Android support for SignalR have also been added using the MonoTouch and MonoDroid components from the Xamarin library (for more information on how to use these additions, see the article Using Xamarin Components from the SignalR wiki).

We’ve also added support for the Portable .NET Client in SignalR 2.0 and created a new self-hosting package. This change makes the setup process for SignalR much more consistent between web-hosted and self-hosted SignalR applications.

ASP.NET MVC 5

The ASP.NET MVC project templates integrate seamlessly with the new One ASP.NET experience and enable you to integrate all of the above ASP.NET Web API, SignalR and Identity improvements. You can also customize your MVC project and configure authentication using the One ASP.NET project creation wizard. The MVC templates have also been updated to use ASP.NET Identity and Bootstrap as well. An introductory tutorial to ASP.NET MVC 5 can be found at Getting Started with ASP.NET MVC 5.

This release of ASP.NET MVC also supports several nice new MVC-specific features including:

Authentication filters: These filters allow you to specify authentication logic per-action, per-controller or globally for all controllers.

Entity Framework 6 Improvements

Visual Studio 2013 ships with Entity Framework 6, which bring a lot of great new features to the data access space:

Async and Task<T> Support

EF6’s new Async Query and Save support enables you to perform asynchronous data access and take advantage of the Task<T> support introduced in .NET 4.5 within data access scenarios. This allows you to free up threads that might otherwise by blocked on data access requests, and enable them to be used to process other requests whilst you wait for the database engine to process operations. When the database server responds the thread will be re-queued within your ASP.NET application and execution will continue. This enables you to easily write significantly more scalable server code.

Here is an example ASP.NET WebAPI action that makes use of the new EF6 async query methods:

Interception and Logging

Interception and SQL logging allows you to view – or even change – every command that is sent to the database by Entity Framework. This includes a simple, human readable log – which is great for debugging – as well as some lower level building blocks that give you access to the command and results. Here is an example of wiring up the simple log to Debug in the constructor of an MVC controller:

Custom Code-First Conventions

The new Custom Code-First Conventions enable bulk configuration of a Code First model – reducing the amount of code you need to write and maintain. Conventions are great when your domain classes don’t match the Code First conventions. For example, the following convention configures all properties that are called ‘Key’ to be the primary key of the entity they belong to. This is different than the default Code First convention that expects Id or <type name>Id.

Connection Resiliency

The new Connection Resiliency feature in EF6 enables you to register an execution strategy to handle – and potentially retry – failed database operations. This is especially useful when deploying to cloud environments where dropped connections become more common as you traverse load balancers and distributed networks.

EF6 includes a built-in execution strategy for SQL Azure that knows about retryable exception types and has some sensible – but overridable – defaults for the number of retries and time between retries when errors occur. Registering it is simple using the new Code-Based Configuration support:

These are just some of the new features in EF6. You can visit the release notes section of the Entity Framework site for a complete list of new features.

Microsoft OWIN Components

Open Web Interface for .NET (OWIN) defines an open abstraction between .NET web servers and web applications, and the ASP.NET “Katana” project brings this abstraction to ASP.NET.

OWIN decouples the web application from the server, making web applications host-agnostic. For example, you can host an OWIN-based web application in IIS or self-host it in a custom process.For more information about OWIN and Katana, see What's new in OWIN and Katana.

Summary

Today’s Visual Studio 2013, ASP.NET and Entity Framework release delivers some fantastic new features that streamline your web development lifecycle. These feature span from server framework to data access to tooling to client-side HTML development. They also integrate some great open-source technology and contributions from our developer community.

I like to draw your attention towards variety of Ruby and Rails template languages such as Slim (slim-lang.com) and Haml (haml.info) which let us write nifty code (as opposed to the traditional markup), in addition to their default ERB (which is somewhat similar to Razor). The idea is to tackle the nesting with indentation and omit the end tags of markup, loop structure and other code blocks etc. to have a tidier view.

Does the web team at Microsoft have any plans to invent such light-weight template language anytime sooner, as an alternate to ASP (.aspx) and Razor (.cshtml or .vbhtml), say .light, .tidy or .nifty? :)

The docs of Slim (rdoc.info/gems/slim/frames) show how cleanly the alternate code to markup can be written. Moreover, there are variety of ways to generate inline or indented tags. Imagine the ASP master page (or the scary master page of SharePoint publishing site) presented in such a clean way, it would certainly enhance the readability and maintainability!

Also, with Web Essentials and zencoding, the development experience would be doubled in Visual Studio. For the static web sites without any server-side scripting, the light version can be compiled to the corresponding HTML on-save (similar to the feature we have for .less and typescript/coffeescript) and grouping technique can be leveraged like:

/Identity isn't available or the URL is incorrect. But I have a question--Does Identity gracefully handle a single user authenticating through multiple auth providers? And does it handle (or provide a means through which devs can handle) web applications requesting the ability to perform actions for users on these identify providers? Such as posting a tweet for the user?

With this new version can you finally realign the Canadian prices for Visual Studio on the Microsoft Store? Everything else in the store is at parity except for Visual Studio which costs 33% more in Canada. The Canadian dollar hasn't been that low in 10 years!

Great news, EF 6 looks good but the Identity link you posted has very little information. I'm particularly interested in hooking it up to Azure Table Storage. Any pointers to some better coverage or scenarios?
Thanks

Problem is, I have an existing site with tens of thousands of users. All of those passwords are "old school", and all of the data in the site is keyed to aspnet_Users (which EVERYTHING in my site is keyed off aspnet_users.userId) is now an INT by default in the new?

Would love some documentation, and for you guys not to forget you gave us great tools many years ago. Tools by todays standards which may be obsolete, but there are still many, many, MANY sites out there using the old tools. Tools such as VS2012. No upgrade path from early incarnations, and no documentation doesn't make us embrace the new... as much as we many want to. And trust me, I want to. Like, now :)

@Will, yes you can post Tweets on behalf of the user logged in. When a user logs in via Twitter, Facebook etc, you can request more permissions from the user such as post tweet or get the list of friends from Facebook. If the user grants your app permissions then you can perform these operations. For eg. I wrote the following blog post which shows how you can get the list of your friends and their pictures http://blogs.msdn.com/b/webdev/archive/2013/10/16/get-more-information-from-social-providers-used-in-the-vs-2013-project-templates.aspx

@Aaron,
We are working on updating the documentation on asp.net. THis will include guidance on how to migrate from existing memembership system to ASP.NET Identity. In the meanwhile if you want to learn more you can visit the links that Scott put out and go to http://blogs.msdn.com/b/webdev/archive/2013/06/27/introducing-asp-net-identity-membership-system-for-asp-net-applications.aspx
You can also look at this sample which shows you how to add basic roles and users support and a sample to do roles and user management
https://github.com/rustd/AspnetIdentitySample

Thanks! Two of the things that I'm struggling with are ways to convert the old password to new, the switch from aspnet_Users.UserId (uniqueidentifier) to AspnetUsers.Id (nvarchar), and retention of my data that was all keyed against .UserId Guids. I don't know if there's baked in support to use uniqueidentifier guids, if I keep both systems and transfer people to the new one upon login, or if I can slip this in with custom data types, table and field names...

Ready to deep dive into this site rewrite with all of the new toys: EF6, WebApi2, MVC5, Identity. All of this from 3.5, sqlprofileprovider, and... get this... SubSonic 2.0.3! It has been a solid, faithful servant, but it's time to bury it *cries*

@CuriousAboutSharePoint Sharepoint now supports running any web application inside of Sharepoint. Using this feature you can utilize the latest ASP.NET in Sharepoint today. See: http://blogs.msdn.com/b/officeapps/archive/2013/07/09/introducing-mvc-support-for-apps-for-sharepoint.aspx

When will Bootstrap 3 get adopted, and how is HtmlHelper.EditorFor going to deal with the explicitly required 'form-control' class on each input control ? The Bootstrap team already mentioned they're not planning on dropping this again:
https://github.com/twbs/bootstrap/issues/10957

This is both great and sad news, we finally managed to get our team upgraded to VS 2012 and got the go ahead to start making sites using MVC4 and now this announcement comes out with changes that seem like you would want to have them in your latest projects but there is simply no way management will approve another upgrade so soon after VS2012 came into play...not sure how to gauche this announcement, happy that it's made, sad I won't be able to use it.

But none the less very impressive the new version was RTM so quickly, so kudoz to all of who was involved in making that happen ;-)

Scott:
I have been "playing" with it since the RC.
1) The Web-API seems to be really well-backed (ready for prime time)

2) The ASPNet Identity - the parts at least for authentication with MicrosoftAccount; Facebook and Google do not seem to be ready for prime time -- it is so unnecessarily difficult to use for retrieving scope info (eg email, first name etc) -- even if facebook etc sends it to the app.

They do not match the capabilities of the "equivalent" javacript versions of WinLive; FB and gauth. The lack of readiness may explain why there is such scanty documentation on it

You can see the links below for some of the gyrations we are going through just to get things to work smoothly:

http://katanaproject.codeplex.com/workitem/145

http://katanaproject.codeplex.com/workitem/82

Scott: Is it possible your staff can at least document clearly hot we get the "scope" info for at least MicrosoftAccounts; Google and Facebook. many of the examples (even from MS staff) focus only on Facebook.

“The project templates in VS 2013 shows how you can access the basic scopes(email, name) from Social Providers(Microsoft Account, Google, Facebook and Twitter.). When you login using anyone of the providers, you can access these values at the registration step.

While the project templates show the most simplistic case, you would want to extend these social providers and request more scopes. The following post explains how you can request more scopes and access the data in the application. This approach can be used for any Social provider.

Hi Scott:
Thanks for your response.
It seems like a "lot" to do to get basic info.
1) This used to work when MS implemented SimpleMembership and in an RTM version a few months ago. In this version, functionality has been taken away.
2) MS's own implementation of the javascript version for WinLive makes it doubly easy to get this info. -- you specify scope and "all" the info is delivered to you.
3) This version of VS is touted as using "Claims-based" authentication. But it delivers no user claims.
4) It still puzzles me that practically all the examples from MS staff is about getting Facebook info; none about getting info from Microsoft's WinLive. I would think this would be the first.
5) Google supports OAUTH2 -- the current implementation in VS 2013 uses OpenID for Google; any particular reason?
6) Please take a look at Brock Allen's implementation (BrockAllen.OAuth2 -it's on nuget). It make this process so seamless. Personally, I was hoping the RTM would be as seamless.
7) Since security is such a complicated component for the uninitiated, I would think this would be one thing MS would take off our hands - at least as much as possible.
8) By the way, I was already familiar with all the articles in the link(s) you sent before my earlier comment